Abstract:Cyberattacks frequently target higher educational institutions, making cybersecurity awareness and resilience critical for students. However, limited research exists on cybersecurity awareness, attitudes, and resilience among students in higher education. This study addresses this gap using the Theory of Planned Behavior as a theoretical framework. A modified Human Aspects of Information Security Questionnaire was employed to gather 266 valid responses from undergraduate and postgraduate students at a South African higher education institution. Key dimensions of cybersecurity awareness and behavior, including password management, email usage, social media practices, and mobile device security, were assessed. A significant disparity in cybersecurity awareness and practices, with postgraduate students demonstrating superior performance across several dimensions was noted. This research postulates the existence of a Cybersecurity-Education Inflection Point during the transition to postgraduate studies, coined as the Cybersecurity-Resilience Gap. These concepts provide a foundation for developing targeted cybersecurity education initiatives in higher education, particularly highlighting the need for earlier intervention at the undergraduate level.

What problem does this paper attempt to address?

The problem that this paper attempts to solve is the lack of students' awareness and behavior regarding network security in higher education institutions, especially in the context of South Africa. Specifically, the research aims to fill the following research gaps: 1. **Insufficient research on network security awareness**: Although network attacks are frequently targeted at higher education institutions, there is relatively little research on students' network security awareness, attitudes, and resilience. 2. **Differences between undergraduates and postgraduates**: The research explores the differences in network security awareness and practice among students at different educational levels (undergraduate and postgraduate). 3. **Application of theoretical frameworks**: By applying the Theory of Planned Behavior (TPB), the research attempts to understand how students' attitudes affect their network security behaviors. ### Research questions This research mainly answers the following research questions: - **What are the attitudes of students at different study stages in higher education institutions towards network security awareness?** ### Main findings 1. **Significant gap**: The research found that postgraduates showed better network security awareness and practice in multiple dimensions than undergraduates, especially in password management and email use. 2. **Network security - resilience turning point**: The research proposed a hypothesis that during the transition from undergraduate to postgraduate, students' network security awareness and practice significantly improve, which is called the "network security - resilience turning point". 3. **Importance of early intervention**: The research emphasized the necessity of early network security education intervention at the undergraduate stage to narrow this gap. ### Significance and suggestions 1. **Enhancing undergraduate education**: It is recommended to strengthen network security education at the undergraduate stage, especially training in password management and email security. 2. **Continuous education**: Integrate network security education into the entire academic curriculum and improve students' practical operation abilities through practical exercises and real - world simulations. 3. **School - wide training**: Expand the training to faculty and staff to ensure the formation of a comprehensive network security awareness culture throughout the school. Through these measures, the research hopes to cultivate a more network - security - resilient student group in higher education institutions to deal with increasingly complex network threats.

Exploring the Cybersecurity-Resilience Gap: An Analysis of Student Attitudes and Behaviors in Higher Education

CYBERSECURITY AWARENESS AND EDUCATION PROGRAMS: A REVIEW OF EMPLOYEE ENGAGEMENT AND ACCOUNTABILITY

Cyberpsychology can improve cybersecurity leadership in higher education

Factors Affecting Cybersecurity Awareness among University Students

Towards Determining the Effect of Age and Educational Level on Cyber-Hygiene

knowCC: Knowledge, awareness of computer & cyber ethics between CS/non-CS university students

Assessment of Cybersecurity Awareness among Students of Majmaah University

Reviewing Cyber Security Social Engineering Training and Awareness Programs—Pitfalls and Ongoing Issues

Cybersecurity education: Evolution of the discipline and analysis of master programs

Cyber Security Awareness, Knowledge and Behavior: A Comparative Study

The influence of social education level on cybersecurity awareness and behaviour: a comparative study of university students and working graduates

Cybersecurity and critical care staff: A mixed methods study

Individual and Contextual Variables of Cyber Security Behaviour -- An empirical analysis of national culture, industry, organisation, and individual variables of (in)secure human behaviour

Adopting the Cybersecurity Concepts into Curriculum The Potential Effects on Students Cybersecurity Knowledge

Cyber Security Awareness Campaigns: Why do they fail to change behaviour?

A Study on the Impact of Gender, Employment Status and Academic Discipline on Cyber Hygiene: A Case Study of University of Nigeria, Nsukka

Understanding Cybersecurity Education Gaps in Europe

Cyber–Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review

Cybersecurity program for Philippine higher education institutions: A multiple-case study

Want to Raise Cybersecurity Awareness? Start with Future IT Professionals

A Survey on Cyber Resilience: Key Strategies, Research Challenges, and Future Directions